From c1aa78bcfe84d2f07cc7c9a0c54eb38fe8e8b97e Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Sat, 23 Apr 2016 18:47:03 -0500
Subject: [PATCH] Update README.md

---
 README-zh.md | 23 +++++++++++------------
 README.md    | 20 ++++++++++----------
 2 files changed, 21 insertions(+), 22 deletions(-)

diff --git a/README-zh.md b/README-zh.md
index aa5ace0..537ce9c 100644
--- a/README-zh.md
+++ b/README-zh.md
@@ -43,7 +43,7 @@ OpenVZ VPS 用户请使用其它的 VPN 软件，比如 <a href="https://github.
 
 ## 安装说明
 
-### 用于 Ubuntu 和 Debian:
+### Ubuntu & Debian
 
 首先，更新你的系统： 运行 `apt-get update && apt-get dist-upgrade` 并重启。这一步是可选的，但推荐。
 
@@ -51,10 +51,10 @@ OpenVZ VPS 用户请使用其它的 VPN 软件，比如 <a href="https://github.
 wget https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh -O vpnsetup.sh
 nano -w vpnsetup.sh
 [修改这些参数为你自己的值： IPSEC_PSK, VPN_USER 和 VPN_PASSWORD]
-sh vpnsetup.sh
+sudo sh vpnsetup.sh
 ```
 
-### 用于 CentOS 和 RHEL:
+### CentOS & RHEL
 
 首先，更新你的系统： 运行 `yum update` 并重启。这一步是可选的，但推荐。
 
@@ -63,35 +63,34 @@ yum -y install wget nano
 wget https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup_centos.sh -O vpnsetup_centos.sh
 nano -w vpnsetup_centos.sh
 [修改这些参数为你自己的值： IPSEC_PSK, VPN_USER 和 VPN_PASSWORD]
-sh vpnsetup_centos.sh
+sudo sh vpnsetup_centos.sh
 ```
 
 如果无法通过 `wget` 下载，你也可以打开 <a href="vpnsetup.sh" target="_blank">vpnsetup.sh</a> (或者 <a href="vpnsetup_centos.sh" target="_blank">vpnsetup_centos.sh</a>)，然后点击右方的 **`Raw`** 按钮。按快捷键 `Ctrl-A` 全选， `Ctrl-C` 复制，然后粘贴到你喜欢的编辑器。
 
 ## 下一步
 
-配置你的计算机或其它设备使用 VPN 。在网络上根据关键词搜索教程，比如 <a href="https://www.bing.com/search?q=setup+L2TP+client" target="_blank">bing.com/search?q=setup+L2TP+client</a> 。
-
+配置你的计算机或其它设备使用 VPN 。在网络上根据关键词搜索教程，例如 <a href="https://www.bing.com/search?q=setup+L2TP+client" target="_blank">bing.com/search?q=setup+L2TP+client</a> 。
 
 开始使用自己的专属 VPN ! :sparkles::tada::rocket::sparkles:
 
 ## 重要提示
 
-**Windows 用户** 在首次连接之前可能需要<a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">更改注册表</a>，以解决 VPN 服务器和客户端与 NAT （比如家用路由器）的兼容问题。另外请打开 VPN 连接属性的<a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues/7#issuecomment-210084875" target="_blank">"安全"选项卡</a>，启用 `CHAP` 选项并且禁用 `MS-CHAP v2`。
+**Windows 用户** 在首次连接之前可能需要<a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">更改注册表</a>，以解决 VPN 服务器和客户端与 NAT （比如家用路由器）的兼容问题。如果遇到`Error 628`，请打开 VPN 连接属性的<a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues/7#issuecomment-210084875" target="_blank">"安全"选项卡</a>，启用 `CHAP` 选项并禁用 `MS-CHAP v2`。
 
 **Android 6 (Marshmallow) 用户**: 安装完成之后，请编辑文件 `/etc/ipsec.conf` 并在 `ike=` 和 `phase2alg=` 两行的结尾添加 `,aes256-sha2_256` 。另外<a href="https://libreswan.org/wiki/FAQ#Android_6.0_connection_comes_up_but_no_packet_flow" target="_blank">增加一行</a> `sha2-truncbug=yes` 。每行开头必须空两格。保存修改并运行 `service ipsec restart` 。
 
-**iPhone/iPad 用户**: 在 iOS 的设置菜单请选择 `L2TP` (而不是 `IPSec`) 作为 VPN 类型。如果无法连接，可编辑 `ipsec.conf` 并尝试用 `rightprotoport=17/0` 替换 `rightprotoport=17/%any` 。保存修改并重启 `ipsec` 服务。
+**iPhone/iPad 用户**: 在 iOS 的设置菜单，选择 `L2TP` (而不是 `IPSec`) 作为 VPN 类型。如果无法连接，可编辑 `ipsec.conf` 并尝试用 `rightprotoport=17/0` 替换 `rightprotoport=17/%any` 。保存修改并重启 `ipsec` 服务。
 
-如果你想创建具有不同凭据的多个 VPN 用户，只需要<a href="https://gist.github.com/hwdsl2/123b886f29f4c689f531" target="_blank">修改这几行的脚本</a>。
+如果要创建具有不同凭据的多个 VPN 用户，只需<a href="https://gist.github.com/hwdsl2/123b886f29f4c689f531" target="_blank">修改这几行的脚本</a>。
 
-在 VPN 处于活动状态时，客户端已配置为使用 <a href="https://developers.google.com/speed/public-dns/" target="_blank">Google Public DNS</a>。此设置可在 `options.xl2tpd` 文件的 `ms-dns` 项更改。
+在 VPN 已连接时，客户端配置为使用 <a href="https://developers.google.com/speed/public-dns/" target="_blank">Google Public DNS</a>。此设置可在 `options.xl2tpd` 文件的 `ms-dns` 项更改。
 
 仅适用于 Amazon EC2 实例：在<a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html" target="_blank">安全组</a>设置中，请打开 UDP 端口 500 和 4500，以及 TCP 端口 22 （可选，用于 SSH ）。
 
-如果你为服务器配置了自定义 SSH 端口（不是 22）或希望允许其他服务，请在运行脚本之前编辑 <a href="vpnsetup.sh#L279" target="_blank">IPTables 防火墙规则</a>。
+如果你配置了自定义 SSH 端口（不是 22）或希望允许其他服务，请在运行脚本之前编辑 <a href="vpnsetup.sh#L279" target="_blank">IPTables 防火墙规则</a>。
 
-这些脚本每次在更改你的配置文件之前，会在同一目录下以 `.old-日期-时间` 为后缀备份现有的配置文件。
+这些脚本在更改你现有的配置文件之前，会在同一目录下以 `.old-日期-时间` 为后缀做备份。
 
 ## 关于升级Libreswan
 
diff --git a/README.md b/README.md
index d6b2f04..03a0f53 100644
--- a/README.md
+++ b/README.md
@@ -14,13 +14,13 @@ We will use <a href="https://libreswan.org/" target="_blank">Libreswan</a> as th
 - [Features](#features)
 - [Requirements](#requirements)
 - [Installation](#installation)
-  - [For Ubuntu and Debian](#for-ubuntu-and-debian)
-  - [For CentOS and RHEL](#for-centos-and-rhel)
+  - [Ubuntu & Debian](#ubuntu--debian)
+  - [CentOS & RHEL](#centos--rhel)
 - [Next Steps](#next-steps)
 - [Important Notes](#important-notes)
 - [Upgrading Libreswan](#upgrading-libreswan)
 - [Bugs & Questions](#bugs--questions)
-- [Copyright and License](#copyright-and-license)
+- [License](#license)
 
 ## Author
 
@@ -62,7 +62,7 @@ OpenVZ VPS users should instead try <a href="https://github.com/Nyr/openvpn-inst
 
 ## Installation
 
-### For Ubuntu and Debian:
+### Ubuntu & Debian
 
 First, update your system with `apt-get update && apt-get dist-upgrade` and reboot. This is optional, but recommended.
 
@@ -70,10 +70,10 @@ First, update your system with `apt-get update && apt-get dist-upgrade` and rebo
 wget https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup.sh -O vpnsetup.sh
 nano -w vpnsetup.sh
 [Edit and replace IPSEC_PSK, VPN_USER and VPN_PASSWORD with your own values]
-sh vpnsetup.sh
+sudo sh vpnsetup.sh
 ```
 
-### For CentOS and RHEL:
+### CentOS & RHEL
 
 First, update your system with `yum update` and reboot. This is optional, but recommended.
 
@@ -82,7 +82,7 @@ yum -y install wget nano
 wget https://github.com/hwdsl2/setup-ipsec-vpn/raw/master/vpnsetup_centos.sh -O vpnsetup_centos.sh
 nano -w vpnsetup_centos.sh
 [Edit and replace IPSEC_PSK, VPN_USER and VPN_PASSWORD with your own values]
-sh vpnsetup_centos.sh
+sudo sh vpnsetup_centos.sh
 ```
 
 If unable to download via `wget`, you may alternatively open <a href="vpnsetup.sh" target="_blank">vpnsetup.sh</a> (or <a href="vpnsetup_centos.sh" target="_blank">vpnsetup_centos.sh</a>) and click the **`Raw`** button. Press `Ctrl-A` to select all, `Ctrl-C` to copy, then paste into your favorite editor.
@@ -95,7 +95,7 @@ Enjoy your very own VPN! :sparkles::tada::rocket::sparkles:
 
 ## Important Notes
 
-For **Windows users**, a <a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router). In addition, you must enable `CHAP` (and disable `MS-CHAP v2`) <a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues/7#issuecomment-210084875" target="_blank">in the "Security" tab</a> of VPN connection properties.
+For **Windows users**, a <a href="https://documentation.meraki.com/MX-Z/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_809" target="_blank">one-time registry change</a> is required if the VPN server and/or client is behind NAT (e.g. home router). In case you see `Error 628`, go to <a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues/7#issuecomment-210084875" target="_blank">the "Security" tab</a> of VPN connection properties, enable `CHAP` and disable `MS-CHAP v2`.
 
 **Android 6 (Marshmallow) users**: After install, edit `/etc/ipsec.conf` and append `,aes256-sha2_256` to both `ike=` and `phase2alg=`. Then <a href="https://libreswan.org/wiki/FAQ#Android_6.0_connection_comes_up_but_no_packet_flow" target="_blank">add a new line</a> `sha2-truncbug=yes`. Indent lines with two spaces. Finally, run `service ipsec restart`.
 
@@ -117,11 +117,11 @@ The additional scripts <a href="vpnupgrade_Libreswan.sh" target="_blank">vpnupgr
 
 ## Bugs & Questions
 
-- Have a question? Please first search other people's comments <a href="https://gist.github.com/hwdsl2/9030462#comments" target="_blank">in this GitHub Gist</a> and <a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#disqus_thread" target="_blank">on my blog</a>.
+- Got a question? Please first search other people's comments <a href="https://gist.github.com/hwdsl2/9030462#comments" target="_blank">in this GitHub Gist</a> and <a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#disqus_thread" target="_blank">on my blog</a>.
 - Ask Libreswan (IPsec) related questions <a href="https://lists.libreswan.org/mailman/listinfo/swan" target="_blank">on the mailing list</a>, or read these wikis: <a href="https://libreswan.org/wiki/Main_Page" target="_blank">[1]</a> <a href="https://wiki.gentoo.org/wiki/IPsec_L2TP_VPN_server" target="_blank">[2]</a> <a href="https://wiki.archlinux.org/index.php/L2TP/IPsec_VPN_client_setup" target="_blank">[3]</a> <a href="https://help.ubuntu.com/community/L2TPServer" target="_blank">[4]</a> <a href="https://wiki.strongswan.org/projects/strongswan/wiki/UserDocumentation" target="_blank">[5]</a>.
 - If you found a reproducible bug, open a <a href="https://github.com/hwdsl2/setup-ipsec-vpn/issues" target="_blank">GitHub Issue</a> to submit a bug report.
 
-## Copyright and License
+## License
 
 Copyright (C) 2014-2016&nbsp;Lin Song&nbsp;&nbsp;&nbsp;<a href="https://www.linkedin.com/in/linsongui" target="_blank"><img src="https://static.licdn.com/scds/common/u/img/webpromo/btn_viewmy_160x25.png" width="160" height="25" border="0" alt="View my profile on LinkedIn"></a>    
 Based on <a href="https://github.com/sarfata/voodooprivacy" target="_blank">the work of Thomas Sarlandie</a> (Copyright 2012)